Manager, IT Information Security
Description:
Are you ready to make a difference in the world and become part of our patient-centered team that is focused on Attacking Bladder Cancer for a Better Tomorrow? At CG Oncology, we believe that by having exceptionally talented individuals on our team who share our passion and enjoy working together, we can truly achieve our Vision and Mission to benefit patients around the world.
Every day we are making significant advancements across our multiple pipelines and are growing rapidly to meet the needs of our patients who cannot afford to wait to benefit from our novel immunotherapies. Please review this job posting and our Values and if they resonate with you and are what you expect from your organization and team, then we would like to hear from you.
We invite you to review our website to learn more about our company and team by visiting our website at
Role: Manager, IT Information Security
Location: Remote US-Based
Essential Functions:
Develop and Implement Cybersecurity Strategy: Lead the development of a comprehensive cybersecurity strategy aligned with business objectives and industry best practices. Identify emerging threats and vulnerabilities, and design proactive measures to mitigate risks effectively.
Define Security Policies and Procedures: Establish and enforce security policies, standards, and procedures to ensure the confidentiality, integrity, and availability of information assets. Regularly review and update policies to address evolving cybersecurity threats and regulatory requirements.
Risk Assessment and Management: Conduct regular risk assessments to identify potential security vulnerabilities and prioritize mitigation efforts. Develop risk management strategies and controls to minimize exposure to cyber threats and ensure business continuity.
Security Architecture and Infrastructure: Design and implement a secure infrastructure architecture, including network, systems, and applications, to protect against cyber-attacks and unauthorized access. Evaluate and recommend security technologies and solutions to enhance the overall security posture.
Incident Response and Crisis Management: Establish incident response plans and procedures to effectively respond to and mitigate security incidents, such as data breaches, malware infections, or denial-of-service attacks. Lead incident response efforts and coordinate with internal teams and external stakeholders as necessary.
Security Awareness and Training: Promote a culture of security awareness across the organization through training programs, workshops, and communication campaigns. Educate employees on cybersecurity best practices, policies, and procedures to reduce the risk of human error and insider threats.
Compliance and Regulatory Requirements: Ensure compliance with relevant cybersecurity laws, regulations, and industry standards, such as HIPAA, GDPR, and ISO 27001. Coordinate with legal and regulatory teams to address compliance gaps and maintain certifications.
Vendor and Third-Party Risk Management: Evaluate the security posture of vendors and third-party partners and establish risk management processes to assess and monitor their cybersecurity practices. Implement controls and contractual requirements to mitigate third-party risks effectively.
Establish strong working relationships with IT systems user communities, other business functions, and across IT support teams to ensure the appropriate adoption, effective usage and adequate control of IT security measures, and the adherence to industry and government regulations.
Provide input on security requirements between CG Oncology and vendor, and between CG Oncology IT and Business Functions
Be the point of contact within CG Oncology and between CG Oncology and vendor for the reporting and escalation of security incident management.
Communicate effectively with supervisors, peers, project managers, and stakeholders.
Must have strong work ethic, trust, integrity and accountability.
Other projects or duties as assigned.
Performs other duties as required.
Qualifications:
Bachelor’s Degree (preferably in Computer Science, Information Systems or Engineering or a related field) or equivalent combination of education and/or experience.
Minimum of 5 years of experience in information security, with at least 3 years in a leadership role.
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certification preferred.
Knowledge of applicable industry standards.
Deep understanding of cybersecurity principles, technologies, and best practices.
Proven track record of developing and implementing cybersecurity strategies and frameworks.
Experience in the biopharmaceutical/life sciences industry desired in small to medium sized companies
The U.S. target annual salary range for this remote, full-time, position is currently set at $145,000-$160,000. The actual base salary offered for this role will vary depending on job-related knowledge, skills, market factors, experience and considering internal equity. In addition, to the base salary, CG Oncology offers a very attractive set of Total Rewards (including bonus and equity) and Well-Being Benefits provided as part of the overall compensation package for this role.
Please visit for a listing of these rewards and benefits.
Total Rewards
CG Oncology offers very competitive and comprehensive Total Rewards, helping to support and reward our global team of high-performing employees focused on developing bladder-saving therapeutics for patients afflicted with bladder cancer.
HIGHLY COMPETITIVE SALARIES
ANNUAL PERFORMANCE/MERIT REVIEWS
ANNUAL PERFORMANCE BONUSES
EQUITY
SPECIAL RECOGNITION
Well-Being Benefits
In addition to our Total Rewards, CG Oncology offers a variety of Well-Being Benefits to meet most of the needs of our unique and growing workforce. These benefits are designed to support our team to achieve a healthy balance between work and their personal lives to remain refreshed, engaged, and creating an environment where each person can find a deeper meaning and purpose in their work.
Well-Being Benefits eligibility begins the 1st of the month after hire. While a majority of these benefits are for our US-based workforce, we continue to assess comparable levels of benefits for our international team members that are aligned with country-specific regulations and their national programs offered.
FULLY REMOTE WORK ENVIRONMENT
REST AND RECHARGE BENEFITS - Unlimited Flexible Time Off
HOLIDAYS – We observe 12 Holidays/year
RETIREMENT – 401K with 100% company Safe Harbor match up to 4% of base salary
HEALTH (MEDICAL, DENTAL, VISION) – HMOs, PPOs & HDHP – Anthem/MetLife
HEALTH SPENDING ACCOUNTS - HSA (with Annual Company Contribution), FSA, FSA-DC
ILLNESS & DISABILITY PROTECTION – Company Paid LTD Coverage + Voluntary Plans
LIFE INSURANCE – Company Paid 1 x base salary + Voluntary Plans
ADDITIONAL EXCLUSIVE BENEFITS – Voluntary Legal, Pet, Plus More
CG Oncology is an Equal Opportunity Employer:
All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status. At CG Oncology, we are building a community of intelligent and passionate team members that share our Vision, Mission, and Values, and while the biotechnology space can feel limited in BIPOC, non-binary and even female representation, we endeavor to make hiring decisions that will continue to grow and support our team in the direction of maintaining cultural diversity and sustainability.
Please note that CG Oncology does not accept unsolicited information and/or resumes from search firms or agencies for our job postings. Any resumes or client information submitted to our careers page or any employee of CG Oncology by any search firm or agency without an applicable contract in place will become the property of CG Oncology and no fee(s) will be paid.